lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
Open Source and information security mailing list archives
| ||
|
Message-ID: <202210310029.29AB38AE16@keescook> Date: Mon, 31 Oct 2022 00:32:08 -0700 From: Kees Cook <keescook@...omium.org> To: John Thomson <git@...nthomson.fastmail.com.au> Cc: tsbogend@...ha.franken.de, linux-mips@...r.kernel.org, linux-hardening@...r.kernel.org, kernel test robot <lkp@...el.com> Subject: Re: [PATCH] mips: boot/compressed: use __NO_FORITFY On Mon, Oct 31, 2022 at 04:36:47AM +1000, John Thomson wrote: > In the mips CONFIG_SYS_SUPPORTS_ZBOOT kernel, fix the compile error > when using CONFIG_FORTIFY_SOURCE=y > > LD vmlinuz > mipsel-openwrt-linux-musl-ld: arch/mips/boot/compressed/decompress.o: in > function `decompress_kernel': > ./include/linux/decompress/mm.h:(.text.decompress_kernel+0x177c): > undefined reference to `warn_slowpath_fmt' > > kernel test robot helped identify this as related to fortify. The error > appeared with commit 54d9469bc515 ("fortify: Add run-time WARN for > cross-field memcpy()") > Link: https://lore.kernel.org/r/202209161144.x9xSqNQZ-lkp@intel.com/ > > Resolve this in the same style as commit cfecea6ead5f ("lib/string: > Move helper functions out of string.c") > > Reported-by: kernel test robot <lkp@...el.com> > Fixes: 54d9469bc515 ("fortify: Add run-time WARN for cross-field memcpy()") > Signed-off-by: John Thomson <git@...nthomson.fastmail.com.au> > --- > not sure about the fixes tag: > compile error only occurs due to the fortify commit, but it looks like > this change could have been part of the other commit identified in the > message: lib/string move helper functions? I think the Fixes tag is reasonable. Strictly speaking, it should likely be whatever added the memcpy() in decompress.c, but that's mostly nonsense, since nothing else had tripped yet. :) The issue is that the memcpy() has a runtime length, so CONFIG_FORTIFY_SOURCE was inserting the logic for a runtime warning, which doesn't exist here. This is the correct fix (turning off FORTIFY in the early boot loader). Reviewed-by: Kees Cook <keescook@...omium.org> -- Kees Cook
Powered by blists - more mailing lists